Skip to content

Clarify CertificateChainPolicy property supersession in SSL authentication options #12335

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Copilot wants to merge 2 commits into
base: main
Choose a base branch
from
+6 −6
Open

Clarify CertificateChainPolicy property supersession in SSL authentication options #12335

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3e8bfe3
Initial plan
Copilot Feb 19, 2026
533eedf
Update CertificateChainPolicy remarks for clarity on property superse…
Copilot Feb 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions xml/System.Net.Security/SslClientAuthenticationOptions.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -280,10 +280,10 @@

## Remarks

When the value of this property is not `null`:
When this property isn't `null`, certain properties on `SslClientAuthenticationOptions` are superseded by corresponding properties on the provided <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy>:

- The value of the <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode> property is ignored.
- Any <xref:System.Net.Security.SslCertificateTrust> associated with the <xref:System.Net.Security.SslClientAuthenticationOptions.ClientCertificateContext> is ignored.
- <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode> is superseded by <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.RevocationMode>.
- Any <xref:System.Net.Security.SslCertificateTrust> associated with <xref:System.Net.Security.SslClientAuthenticationOptions.ClientCertificateContext> is superseded by <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.TrustMode> and <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.CustomTrustStore>.
]]></format>
</remarks>
</Docs>
Expand Down
6 changes: 3 additions & 3 deletions xml/System.Net.Security/SslServerAuthenticationOptions.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -276,10 +276,10 @@

## Remarks

When the value of this property is not `null`:
When this property isn't `null`, certain properties on `SslServerAuthenticationOptions` are superseded by corresponding properties on the provided <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy>:

- The value of the <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode> property is ignored.
- If an <xref:System.Net.Security.SslCertificateTrust> was provided to the value in the <xref:System.Net.Security.SslServerAuthenticationOptions.ServerCertificateContext> property, the trust list `SslCertificateTrust` will be sent in the handshake (when so configured), but the trust settings from this property aren't used when verifying any client authentication certificates.
- <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode> is superseded by <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.RevocationMode>.
- Any <xref:System.Net.Security.SslCertificateTrust> associated with <xref:System.Net.Security.SslServerAuthenticationOptions.ServerCertificateContext> is superseded by <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.TrustMode> and <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.CustomTrustStore>. However, the trust list from `SslCertificateTrust` is still sent in the handshake when configured.
]]></format>
</remarks>
</Docs>
Expand Down
Loading